Using SF 4.1.2.801 as the main incoming server, I've got a question on how to handle a situation where an offsite backup MX service is used. The scenario is simple:

domain.com 600 mx 10 mail.domain.com

domain.com 600 mx 20 mail.backupmx.com

domain.com 600 mx 30 mail.domain.com

Spammers regularly hit all 3 of the records. The problem is that the backupmx.com (not it's real name) service quite often gets dumped into the honeypots IP list. Whitelisting the IP of the backup MX is not a reasonable solution since that would open the door for all the spammers. But, having it honeypotted is also bad because it causes rejection of emails based simply on that IP.

So, in short, is there a way to use the honeypot features, yet, not honeypot a particular set of IP's, but also not whitelist them? I guess what I want to do is exclude some IP's from ever being honeypotted or blacklisted, but not whitelisted, sort of skip the IP testing.

DoNotAddIPToHoneypot – This optional setting is available in the SpamFilter.ini file. It is used to specify any IPs (separated by commas - no wildcards) that you do not wish to be automatically added to the Honeypot IP blacklist. This setting also prevents those IPs to be added to the IP cache blacklist. It is used mainly to specify IPs that you still wish to be filtered for spam, but you do not want to permanently block.
There is no need to restart SpamFilter after making the change in the ini file, it will be reloaded automatically within 60 seconds after you save it.

Awesome Roberto, I knew it had to already be addressed!! Can I enter entire segments in the list or just individual IP's? Such as 10.0.0.0/24 versus 10.0.0.1 to 10.0.0.254? I'm assuming there is a recommended limit to how many IP's to actually put on this list.

sorry, only individual IPs can be added in that list, not networks.
As far as limits are concerned, to be honest we're not sure! The limit here is dependent on the Windows OS itself and how long a line in an .INI file can be - we've never researched this to find out the maximum (if any). A few thousand characters however on that line should be acceptable.

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot delete your posts in this forumYou cannot edit your posts in this forumYou cannot create polls in this forumYou cannot vote in polls in this forum